Legislators Set to Toughen Identity Theft Law
May 29, 2012
Tampa Bay legislators are attempting to reform Florida Laws regarding convictions of criminals that commit identity theft. Police are apprehending thieves who are found to possess "ledgers full of hundreds" of Personally Identifiable Information (PII). Included among the PII are the pre-loaded debit cards issued by the Treasury as tax refunds. But officials have to release these criminals. Judicially, there is no direct evidence that a person in possession of such information has utilized it in any way. For instance, in order for the police to convict someone in posession of the information, they would have to have a surveillance video catching someone using the debit or credit card.
The identity theft loophole illustrated by this article solidifies a point from the first chapter of the AIS textbook. Selling stolen identities is a lucrative and safer business for the likes of a career criminal in the tech field.
The article mentions that officials are not as concerned with members of the CPA profession, and their possession of PII; their job warrants its use on a daily basis. Legislators are targeting the thieves in the Tampa area who are believed to have stolen hundreds of millions of dollars in past years through tax fraud and identity theft.
Feds Sue Wyndham Hotels over repeated computer hacks
June 26, 2012
The Federal Trade Commission is suing Wyndham hotels for allowing Russian hackers to phish their customer database on multiple occassions from 2008 to 2010. In the second edition textbook for the Accounting Information Systems class, the final chapter explains that a company should spread it's technical "hubs" amongst various regions in order to avoid destruction of its Information Technology. In this story, the hackers attacked Wyndham's Phoenix, Arizona data center--the main hub.
The hackers installed phishing software on the Wyndham customer databases, and accumulated $10.6 million in credit card transactions. 500,000 people were affected over the span of three hacks over two years. I believe that their response to the various hacks was lacking on the basis of prevention and detection. And as a way to respond and resolve the crisis, the company claims to have notified its customers, and provided them with credit monitoring services. This was their claim. However, the FTC states that Wyndham did not take immediate action.
Wyndham is being sued because they did not "take proper security measures" by using "complex user IDs and passwords." Also, once hacked, the company did not fix the software that they had originally employed to store personally identifiable information including credit card information. Their original software did not encrypt the credit card numbers, and utilized plaintext. This led to additional hacks after the first. Wyndham--one of the largest hotel chains in the world--had a poor reaction to this $10 million dollar crisis. This goes to show that IT security is important in multiple business lines, and that if proper measures are not taken, you will suffer repercussions.
May 29, 2012
Tampa Bay legislators are attempting to reform Florida Laws regarding convictions of criminals that commit identity theft. Police are apprehending thieves who are found to possess "ledgers full of hundreds" of Personally Identifiable Information (PII). Included among the PII are the pre-loaded debit cards issued by the Treasury as tax refunds. But officials have to release these criminals. Judicially, there is no direct evidence that a person in possession of such information has utilized it in any way. For instance, in order for the police to convict someone in posession of the information, they would have to have a surveillance video catching someone using the debit or credit card.
The identity theft loophole illustrated by this article solidifies a point from the first chapter of the AIS textbook. Selling stolen identities is a lucrative and safer business for the likes of a career criminal in the tech field.
The article mentions that officials are not as concerned with members of the CPA profession, and their possession of PII; their job warrants its use on a daily basis. Legislators are targeting the thieves in the Tampa area who are believed to have stolen hundreds of millions of dollars in past years through tax fraud and identity theft.
Feds Sue Wyndham Hotels over repeated computer hacks
June 26, 2012
The Federal Trade Commission is suing Wyndham hotels for allowing Russian hackers to phish their customer database on multiple occassions from 2008 to 2010. In the second edition textbook for the Accounting Information Systems class, the final chapter explains that a company should spread it's technical "hubs" amongst various regions in order to avoid destruction of its Information Technology. In this story, the hackers attacked Wyndham's Phoenix, Arizona data center--the main hub.
The hackers installed phishing software on the Wyndham customer databases, and accumulated $10.6 million in credit card transactions. 500,000 people were affected over the span of three hacks over two years. I believe that their response to the various hacks was lacking on the basis of prevention and detection. And as a way to respond and resolve the crisis, the company claims to have notified its customers, and provided them with credit monitoring services. This was their claim. However, the FTC states that Wyndham did not take immediate action.
Wyndham is being sued because they did not "take proper security measures" by using "complex user IDs and passwords." Also, once hacked, the company did not fix the software that they had originally employed to store personally identifiable information including credit card information. Their original software did not encrypt the credit card numbers, and utilized plaintext. This led to additional hacks after the first. Wyndham--one of the largest hotel chains in the world--had a poor reaction to this $10 million dollar crisis. This goes to show that IT security is important in multiple business lines, and that if proper measures are not taken, you will suffer repercussions.
50/50